Field Level Security for Microsoft Dynamics CRM 4.0

Here is a simple way to enable Field Level Security for Microsoft Dynamics CRM 4.0. This soluion is a ‘simple’ workaround :-) and only works on CRM Forms. the aim is to disabled fields following security roles.

Before:

After:

Just Copy/Paste the following code on the onload event and change the 2 first lines :

var _roles = ['roleX','System Administrator']; //array of security roles name var _fields = ['name', 'accountNumber']; // array of field schema names to disable UpdateFields(); /* Functions */ function UpdateFields() {     var oXml = GetCurrentUserRoles();     if (oXml != null) {         var roles = oXml.selectNodes("//BusinessEntity/q1:name");         if (roles != null) {             for (i = 0; i < roles.length; i++) {                 for (j = 0; j < _roles.length; j++) {                     if (roles[i].text == _roles[j]) {                         for (k = 0; k < _fields.length; k++) {                             try {                                 document.getElementById(_fields[k]).Disabled = true;                             } catch (e) {                             }                         }                         return;                       }                 }             }         }     }     return; } function GetCurrentUserRoles() {     var xml = "" + "<?xml version=\"1.0\" encoding=\"utf-8\"?>" + "<soap:Envelope xmlns:soap=\"https://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"https://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"https://www.w3.org/2001/XMLSchema\">" + GenerateAuthenticationHeader() + " <soap:Body>" + " <RetrieveMultiple xmlns=\"https://schemas.microsoft.com/crm/2007/WebServices\">" + " <query xmlns:q1=\"https://schemas.microsoft.com/crm/2006/Query\" xsi:type=\"q1:QueryExpression\">" + " <q1:EntityName>role</q1:EntityName>" + " <q1:ColumnSet xsi:type=\"q1:ColumnSet\">" + " <q1:Attributes>" + " <q1:Attribute>name</q1:Attribute>" + " </q1:Attributes>" + " </q1:ColumnSet>" + " <q1:Distinct>false</q1:Distinct>" + " <q1:LinkEntities>" + " <q1:LinkEntity>" + " <q1:LinkFromAttributeName>roleid</q1:LinkFromAttributeName>" + " <q1:LinkFromEntityName>role</q1:LinkFromEntityName>" + " <q1:LinkToEntityName>systemuserroles</q1:LinkToEntityName>" + " <q1:LinkToAttributeName>roleid</q1:LinkToAttributeName>" + " <q1:JoinOperator>Inner</q1:JoinOperator>" + " <q1:LinkEntities>" + " <q1:LinkEntity>" + " <q1:LinkFromAttributeName>systemuserid</q1:LinkFromAttributeName>" + " <q1:LinkFromEntityName>systemuserroles</q1:LinkFromEntityName>" + " <q1:LinkToEntityName>systemuser</q1:LinkToEntityName>" + " <q1:LinkToAttributeName>systemuserid</q1:LinkToAttributeName>" + " <q1:JoinOperator>Inner</q1:JoinOperator>" + " <q1:LinkCriteria>" + " <q1:FilterOperator>And</q1:FilterOperator>" + " <q1:Conditions>" + " <q1:Condition>" + " <q1:AttributeName>systemuserid</q1:AttributeName>" + " <q1:Operator>EqualUserId</q1:Operator>" + " </q1:Condition>" + " </q1:Conditions>" + " </q1:LinkCriteria>" + " </q1:LinkEntity>" + " </q1:LinkEntities>" + " </q1:LinkEntity>" + " </q1:LinkEntities>" + " </query>" + " </RetrieveMultiple>" + " </soap:Body>" + "</soap:Envelope>" + "";     var xmlHttpRequest = new ActiveXObject("Msxml2.XMLHTTP");     xmlHttpRequest.Open("POST", "/mscrmservices/2007/CrmService.asmx", false);     xmlHttpRequest.setRequestHeader("SOAPAction", " https://schemas.microsoft.com/crm/2007/WebServices/RetrieveMultiple");     xmlHttpRequest.setRequestHeader("Content-Type", "text/xml; charset=utf-8");     xmlHttpRequest.setRequestHeader("Content-Length", xml.length);     xmlHttpRequest.send(xml);     var resultXml = xmlHttpRequest.responseXML;     return (resultXml); } /* Functions */

 

 

Pierre-Adrien FORESTIER | PAF | https://blogs.msdn.com/paf